Policy (concept)
Status | planned |
---|---|
Since | 4.9 |
Description
Policy is one of several principal object types in midPoint. It is meant to define policies that apply to other objects, usually users, roles and applications. Policy objects are abstract roles, they have ability to apply rules and grant privileges to other entities. They usually act as meta-roles, applying policies to roles, applications and users. They usually contain policy rules.
Documentation
Version | Introduction | Guides | Configuration | Examples | Plans |
---|---|---|---|---|---|
Development | PolicyType |
Related Features
Compliance
This feature is related to the following compliance frameworks:
-
ISO/IEC 27001 5.2: Information security roles and responsibilities
-
ISO/IEC 27001 5.10: Acceptable use of information and other associated assets
-
ISO/IEC 27001 5.19: Information security in supplier relationships
-
ISO/IEC 27001 5.20: Addressing information security within supplier agreements
-
ISO/IEC 27001 5.21: Managing information security in the ICT supply chain
-
ISO/IEC 27001 5.22: Monitoring, review and change management of supplier services
-
ISO/IEC 27001 5.23: Information security for use of cloud services
-
ISO/IEC 27001 5.26: Response to information security incidents
-
ISO/IEC 27001 5.31: Legal, statutory, regulatory and contractual requirements
-
ISO/IEC 27001 5.36: Compliance with policies, rules and standards for information security
-
ISO/IEC 27001 6.3: Information security awareness, education and training
-
ISO/IEC 27001 6.5: Responsibilities after termination or change of employment
-
ISO/IEC 27001 6.6: Confidentiality or non-disclosure agreements
-
ISO/IEC 27001 8.19: Installation of software on operational systems
-
ISO/IEC 27001 8.27: Secure system architecture and engineering principles